Re: [cti] Submission of request for CTI Standards Adoption, Engagement and Outreach subcommittee

["Jordan, Bret" <bret.jordan@bluecoat.com>]

As previously stated, I fully support this and second the motion to create this subcommittee. 

Thanks,

Bret

Bret Jordan CISSP

Director of Security Architecture and Standards | Office of the CTO

Blue Coat Systems

PGP Fingerprint: 62A6 5999 0F7D 0D61 4C66 D59C 2DB5 111D 63BC A303

"Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg." 

On Jun 20, 2015, at 09:17, Joep Gommers <joep@intelworks.com> wrote:

Attached. Copy in-line:

TC Name: Cyber Threat Intelligence / CTI

TC Email Address: cti@lists.oasis-open.org

 

Subcommittee Name: CTI Standards Adoption, Engagement and Outreach

Subcommittee Email List Name: cti-engagement@lists.oasis-open.org

Statement of Purpose:

 

·      Landscape
Identification, Discovery, Documentation, Support to- and Communication of the landscape of current- and prospective users of CTI’s Standards CyBox, STIX and TAXII. Including but not limited to:

o   Information Sharing and Analysis Organizations (ISAOs), Information Sharing & Analysis Centers (ISACs), Cyber Intelligence Sharing Center (CISCs), National Detection Networks and other geo-graphical, sector- and community specific cyber threat intelligence and incident related exchange communities.

o   Technology vendors of technologies powering Security Operations, Incident Response and Threat Management.

o   Service providers in Security Operations, Incident Response and Threat Management.

o   Cyber Threat Intelligence content suppliers.

o   Civil Regional, National or Global Alliances able to receive and/or share Cyber Threat Intelligence information

·      Trust
Build trust among decision makers and technical specialists in favor of adopting CTI Standards CyBox, STIX and TAXII as part of their technology enablement toolset. Including but not limited to activities around community motivation and enablement for public speaking, publications, closed-door evangelizing and easily accessible information.

·      Enablement
Identification of key growth factors in adoption to be able to bridge the gap in information needs, tooling, features in the standards and other community enablement. 

·      Certification
Working towards community agreed and stable certification framework to enable the landscape to measure compatibility and feature implementation through a trusted (group of) third party/parties. Eventual goal being predictable compatibility.

·      Public relations
If the larger TC finds it helpful, routing and facilitation of press requests and other public relations matters.

 

 

 

Deliverables:

 

·      Landscape

o   Listed and/or visual representations of the landscape

o   Hall of frame / Hall of shame

o   Compatibility and certification overviews

o   Guides, usage patterns and other enablement required for further adoption

o   All available to the community and the public through the OASIS portal and/or other STIX, TAXII and CyBox online portals

·      Trust

o   Public speaking engagements

o   Papers

o   Marketing / PR

o   Documentation

·      Enablement

o   Usage patterns

o   CTI TC functional and non-functional requirements

o   Surrounding tooling (requirements)

o   Documentation

·      Certification

o   Certification framework

o   Certification partners

 

Chairs: Patrick Maroney, Joep Gommers

 

 

 

<CTI Standards Adoption.docx>
---------------------------------------------------------------------
To unsubscribe from this mail list, you must leave the OASIS TC that 
generates this mail.  Follow this link to all your TCs in OASIS at:
https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php

Attachment: signature.asc
Description: Message signed with OpenPGP using GPGMail